On Fri, Jun 18, 2004 at 01:00:25PM +0200, Wichert Akkerman wrote: > Previously Pascal Hakim wrote: > > Speaking with my listmaster hat on, that's certainly possible, but I > > don't believe it will help non-subscribers or subscribers posting with a > > different address all that much. I guess every little bit helps however. > > It doesn't matter for those either since you only check the pgp > signature. The only people who can not post using this scheme are > non-developers since their key is not in the keyring (or LDAP database > to be exact). > > We could use a seperate keyring for those, but maintaining that would be > awkwards. Perhaps we could combine it with a filter that allows posting > from subscribed addresses?
I take back what I said actually. The signature checker is very brittle, and it already stops a number of valid messages from people who want to post on the gpg-restricted lists such as debian-devel-annouce or debian-security-announce. I am not willing to maintain a seperate keyring for the debian-ctte list, so you'll have to find another listmaster to do it. I still fail to see why this list needs different rules than all the others. Pasc
